Millions of Android Devices Vulnerable to Hardware Based Attack That Gives Root Access

Highlights

The Drammer attack exploits hardware components to access data

Researchers in Amsterdam demoed this vulnerability

They could completely root Samsung and OnePlus smartphones

Researchers of VUSec Lab at Vrije Universiteit Amsterdam have discovered a new way in which hackers can take control of millions of Android devices. In their demo, they showed how hackers could exploit data on smartphones through memory chips and other physical parts embedded inside, opening up a whole new world of vulnerabilities that wasn't thought of before. In theory, the type of attack - which exploits a new-found flaw in mobile memory - could be users on iPhones as well as other mobile devices.

The Drammer exploit is based on the Rowhammer class of attacks that target memory chips like DRAM, and has the potential to root millions of Android smartphones out there, including the ones that are running on ARM chips. This new exploit leverages a memory hardware vulnerability to surreptitiously root gain access using an app without any special permissions. The researchers claim that they have used the Drammer attack to root many LG, Motorola, Samsung, and OnePlus handsets.

What is worse is that there is no quick fix for this exploit as well. Hardware bugs weren't even considered a possibility, and therefore no software fix was ever issued for them. "Until recently, we never even thought about hardware bugs [and] software was never written to deal with them. Now, we are using them to break your phone or tablet in a fully reliable way and without relying on any software vulnerability or esoteric feature. And there is no quick software update to patch the problem and go back to business as usual," one of the researchers, Victor van der Veen told the publication.

However, the report further notes that not all units of the above-mentioned smartphones were compromised. It largely depended on the age of the smartphone, and older the smartphone, the more vulnerable was it to the exploit - this is based on how the vulnerability works, by flipping bits on a memory module. The Rowhammer attack has been around for quite a while, but this is the first time it is seen risking smartphone data.

The researchers had even intimated Google about the vulnerability in July, for which they even received a $4,000 reward. Google is still working on a fix, and plans to release it in the November security bulletin.

Veen claims that the fix won't completely prevent hackers from exploiting, but expects it to make it very difficult. You cannot expect an OEM to stop bundling in random access memory chips and other crucial hardware components to prevent the Rowhammer exploit.

Tasneem AkolawalaEmail Tasneem
When not expelling tech wisdom, Tasneem feeds on good stories that strike on all those emotional chords. She loves road trips, a good laugh, and interesting people. She ... More